Media content, such as audio, video and multimedia content, can be delivered via unicast, multicast or broadcast communication links from a media content source (also called media content server) to media content recipients (also called client devices). The delivery of media content today widely relies on streaming mechanisms and file transfer technologies.
To prevent an unauthorized duplication of the media content on a client side it becomes increasingly important to implement efficient DRM technologies. DRM relies on cryptographic processes to permit media content consumption (e.g., storing or playing out) only to client devices that possess proper cryptographic material.
In the following, the processes underlying DRM will be described with exemplary reference to the DRM technology platform developed by the Marlin Developer Community (MDC).
To enable secure and governed media content consumption, a license concept has been proposed by the MDC. A Marlin license is an Extended Mark-Up Language (XML) document of several kilobyte that contains a set of license objects that govern the use of the media content and convey the conditions necessary for allowing access to the cryptographic key (“content key”) used to encrypt the media content. The license objects comprise, for example, a key object including encrypted key data and a binding object binding the media content to the key object.
A typical DRM process starts with an MDC client device selecting, for example in a Web Store, media content (such as a song or video) for download. The Web Store informs a client application running on the client device where and how to obtain the media content and returns a so-called Action Token to the client device. An Action Token contains a set of processing instructions the client device must perform in order to obtain the license that is required for consuming the selected media content. The Web Store also communicates with its “Back Office” to provide it with the information needed for the DRM process.
The client application passes the Action Token received from the Web Store to a Marlin Client DRM Engine in the client device. The Marlin Client DRM Engine performs the actions specified in the Action Token such as the transmission of appropriate service requests to a remote Marlin Server DRM Module under control of Marlin protocols. The Marlin Server DRM Module constructs related requests and sends those to the Back Office. The Back Office applies processing logic to the requests received from the Marlin Server DRM Module and returns information to the Marlin Server DRM Module that enables same to build the license for the selected media content. The license is then sent by the Marlin Server DRM Module to the Marlin Client DRM Engine, which provides it to the client application.
The client application downloads the media content independently from receipt of the license. At the time a user wishes to consume the downloaded media content, the client application consults the Marlin Client DRM Engine to verify the license. If the license can be positively verified, the media content will be decrypted and can thus be consumed.
The above DRM scenario describes the situation in which a single license is delivered to a single client device for a single content item. In many cases a large number of client devices (or client device groups) may wish to obtain access to a particular content item, such as a live sports event (e.g., via broadcast transmission). In such cases a large number of licenses have to be transmitted. If the license information would be embedded in a content stream (in-band transmission) the effective transmission bandwidth that remains available for the media content would be reduced. In case of an out-of-band transmission it is generally desirable to reduce the resources required for the transmission of license information. In some scenarios the license channel bandwidth might need to be splitted among possibly thousands of client devices.